General

  • Target

    d579969312bf96cf8b13bd4d37084403669fc90d1f3689d4e58ec647218f6f3a

  • Size

    92KB

  • Sample

    221002-bllywsgdbq

  • MD5

    6f9dc003a1c729a40993c867b12cbc90

  • SHA1

    bf71ec1fa08b14a18505565ffd8c27334c3a156a

  • SHA256

    d579969312bf96cf8b13bd4d37084403669fc90d1f3689d4e58ec647218f6f3a

  • SHA512

    130784be9d18c67ff9a14805cb79d66f000d5e2d0d30e640563b906a949b9ace6609fa11682d3d5faaf546b321075a86ade9c13a6cdebbba900c425ff74108ca

  • SSDEEP

    1536:zS2vOUHVOKZWwrgdGPiiv9vgmh7vfaOe/pwFquLFUTQnN3R9M5WLiVwt/o3VZVy2:zjzhZWxivgmhbI/pqqsFUCN3R9MI+II7
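The report keys the sample by its SHA256 (the Target field above is that digest) and lists MD5, SHA1 and SHA512 alongside it. Before loading a copy of the sample into your own tooling it is worth confirming that every digest the report lists matches the file you actually have, since feeds and mirrors sometimes re-pack or truncate samples. The script below is an added example, not code from the report or from the sandbox; it embeds the hashes exactly as the page lists them and compares them against a local file. The SSDEEP value is deliberately not checked here because fuzzy hashing needs a non-standard library.

```python
import hashlib
import sys

# Digests exactly as the report lists them for the 92KB sample.
TARGET = "d579969312bf96cf8b13bd4d37084403669fc90d1f3689d4e58ec647218f6f3a"
REPORT_HASHES = {
    "md5": "6f9dc003a1c729a40993c867b12cbc90",
    "sha1": "bf71ec1fa08b14a18505565ffd8c27334c3a156a",
    "sha256": "d579969312bf96cf8b13bd4d37084403669fc90d1f3689d4e58ec647218f6f3a",
    "sha512": (
        "130784be9d18c67ff9a14805cb79d66f000d5e2d0d30e640563b906a949b9ace"
        "6609fa11682d3d5faaf546b321075a86ade9c13a6cdebbba900c425ff74108ca"
    ),
}


def target_matches_sha256(expected: dict = REPORT_HASHES) -> bool:
    """The report names the target by SHA256; make sure the two fields agree."""
    return TARGET.lower() == expected["sha256"].lower()


def digest_all(data: bytes, algorithms=tuple(REPORT_HASHES)) -> dict:
    """Compute every digest the report lists, as lowercase hex."""
    return {name: hashlib.new(name, data).hexdigest() for name in algorithms}


def verify_sample(data: bytes, expected: dict = REPORT_HASHES) -> dict:
    """Compare a local copy of the sample against the report's digests.

    Returns {algorithm: True/False}. Expected values are lower-cased because
    different report sources disagree on hex case.
    """
    actual = digest_all(data, tuple(expected))
    return {name: actual[name] == expected[name].lower() for name in expected}


def check_file(path: str, expected: dict = REPORT_HASHES) -> dict:
    """Read a file from disk and verify it against the report's digests."""
    with open(path, "rb") as fh:
        return verify_sample(fh.read(), expected)


if __name__ == "__main__":
    # Usage: python verify_sample.py <path-to-sample>
    results = check_file(sys.argv[1])
    for algo, ok in results.items():
        print(f"{algo:6s} {'OK' if ok else 'MISMATCH'}")
    sys.exit(0 if all(results.values()) else 1)
```

A single mismatching digest means the file is not the one the report analysed; all four must agree before any behaviour in the report can be attributed to the copy on your disk.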

Malware Config

Targets

    • Target

      d579969312bf96cf8b13bd4d37084403669fc90d1f3689d4e58ec647218f6f3a

    • Size

      92KB

    • MD5

      6f9dc003a1c729a40993c867b12cbc90

    • SHA1

      bf71ec1fa08b14a18505565ffd8c27334c3a156a

    • SHA256

      d579969312bf96cf8b13bd4d37084403669fc90d1f3689d4e58ec647218f6f3a

    • SHA512

      130784be9d18c67ff9a14805cb79d66f000d5e2d0d30e640563b906a949b9ace6609fa11682d3d5faaf546b321075a86ade9c13a6cdebbba900c425ff74108ca

    • SSDEEP

      1536:zS2vOUHVOKZWwrgdGPiiv9vgmh7vfaOe/pwFquLFUTQnN3R9M5WLiVwt/o3VZVy2:zjzhZWxivgmhbI/pqqsFUCN3R9MI+II7

    • Checks computer location settings

      Looks up the country code configured in the registry, most likely as a geofence check so the sample can avoid running in certain countries.

    • Reads user/profile data of web browsers

      Infostealers commonly target stored browser profile data, which can include saved credentials, cookies and autofill data.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive, a typical precursor to locating files to steal or spread to.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v6

Tasks